Following the news that a number of popular websites, including Netflix and Facebook, are sending password reset emails to customers whose credentials match previous major breaches (LinkedIn, MySpace and Tumblr), there below the comment from Richard Parris, CEO at Intercede.
Richard Parris, CEO at Intercede:
“While it’s positive to see high-profile companies such as Netflix and Facebook actively resetting users’ passwords that could have been compromised, the reality is that the security efforts of these organisations do not go nearly far enough. These websites hold masses of sensitive personal data about millions of consumers, and should not be relying on outdated passwords which are no longer fit for purpose to protect this valuable information.
“There are already much more sophisticated and robust alternatives to passwords available – these companies need to sit up and take notice. They are on the back foot dealing with the aftermath of data breaches, whereas they should be focusing on making sure the breaches don’t happen in the first place. The future of online security relies on a much more proactive stance; embedding measures into the very fabric of technology we use in our everyday lives, from the silicon chips used in smartphones, to the apps and services these sites offer. If not, will large-scale data breaches ever be a thing of the past?”